РАЗРАБОТКИ РЭА   |    CISCO  ]



    OER - балансировка, два провайдера + NAT


key chain OER
 key 1
   key-string 7 OER-KEY-123 

oer master
 policy-rules OER
 max-range-utilization percent 50
 logging
 !
 border 1.1.1.1 key-chain OER
  interface FastEthernet1 external
  interface FastEthernet0 external
  interface Vlan1 internal
 !
 learn
  throughput
  delay
  periodic-interval 1
  monitor-period 2
  prefixes 250
  expire after time 3
  aggregation-type prefix-length 32
 no max range receive
 delay threshold 1200
 unreachable threshold 3
 loss threshold 10
 backoff 180 3000
 mode route control
 mode monitor active
 resolve delay priority 1 variance 1
 resolve loss priority 5 variance 1
 !
 active-probe echo 212.1.1.1
 active-probe echo 87.1.1.1
!
oer border
 local Loopback0
 master 1.1.1.1 key-chain OER
!                                           

track 1 rtr 1 reachability
!
track 2 rtr 2 reachability    

interface Loopback0
 ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0
 description PROV1
 bandwidth 2048
 ip address 212.1.1.2 255.255.255.252
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 no cdp enable
!
interface FastEthernet1
 description PROV2
 bandwidth 1024
 ip address 87.1.1.2 255.255.255.252
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 no cdp enable
!                        

interface Vlan1
 description LocalLAN
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!                             

ip local policy route-map DEF
ip route 0.0.0.0 0.0.0.0 FastEthernet0 212.1.1.1
ip route 0.0.0.0 0.0.0.0 FastEthernet1 87.1.1.1

ip nat translation icmp-timeout 15
ip nat inside source route-map PROV1 interface FastEthernet0 overload oer
ip nat inside source route-map PROV2 interface FastEthernet1 overload oer    

ip prefix-list OER seq 5 permit 0.0.0.0/0
ip sla 1
 icmp-echo 212.1.1.1 source-interface FastEthernet0
 timeout 1000
 threshold 40
 frequency 3
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 87.1.1.1 source-interface FastEthernet1
 timeout 1000
 threshold 40
 frequency 3
ip sla schedule 2 life forever start-time now
access-list 100 permit ip 192.168.10.0 0.0.0.255 any   
access-list 110 permit ip 212.1.1.0 0.0.0.15 any
access-list 120 permit ip 87.1.1.0 0.0.0.15 any   

route-map PROV1 permit 10
 match ip address 100
 match interface FastEthernet0
!
route-map PROV2 permit 10
 match ip address 100
 match interface FastEthernet1
! 
route-map DEF permit 10
 match ip address 110
 set ip next-hop 212.1.1.1
!
route-map DEF permit 20
 match ip address 120
 set ip next-hop 87.1.1.1
!     
oer-map OER 10
 match traffic-class prefix-list OER
!   

event manager applet CLEARNAT
 event track 1 state down
 action 1 cli command "enable"
 action 2 cli command "clear ip nat translation *"
event manager applet CLEARNAT_2
 event track 2 state down
 action 1 cli command "enable"
 action 2 cli command "clear ip nat translation *"
!